DESCRIPTION:
Aung Khant has discovered a vulnerability in Joomla!, which can be
exploited by malicious people to conduct cross-site scripting
attacks.
Input passed via the "searchword" POST parameter to index.php (when
"option" is set to "com_search" and "task" is set to "search") is not
properly sanitised in the "redirect()" function in
libraries/joomla/application/application.php before being returned to
the user. This can be exploited to execute arbitrary HTML and script
code in a user's browser session in context of an affected site.
Successful exploitation requires that "magic_quotes_gpc" is
disabled.
This may be related to vulnerability #8 in:
SA45094
The vulnerability is confirmed in version 1.7.0. Other versions may
also be affected.
SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
Aung Khant
ORIGINAL ADVISORY:
http://bl0g.yehg.net/2011/07/joomla-170-rc-and-lower-multiple-cross.html

GET LASTEST UPDATE

SOCIAL MEDIA

The Joomla!® name and logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.JoomlaCorner.com is not affiliated with or endorsed by Open Source Matters or the Joomla!® Project